<?php
	include 'dbconnection.php';
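	// NOTE(review): upload_tmp_dir is a PHP_INI_SYSTEM directive, so this runtime call is not
	// expected to take effect; kept as-is, but the setting belongs in php.ini / server config.
	ini_set ("upload_tmp_dir", "/tmp");
	// Unix timestamp of today at 00:00; written to Sign_Activity.sa_datetime by the Add action.
	$date = strtotime(date('Y-m-d'));

	/*
	 * ADD: create a Sign_Faces row from the posted form, log one Sign_Activity row for it,
	 * store the uploaded photo and thumbnail under photo/, then redirect to the edit screen.
	 *
	 * NOTE(review): no session/authorisation check and no CSRF token are visible in this file;
	 * confirm that dbconnection.php or the web server restricts who may reach these actions.
	 */
	if(isset($_POST['Add'])) {
		// The client chooses the upload file name, so it is untrusted. Only image extensions are
		// accepted and the stem is reduced to [A-Za-z0-9_-]; otherwise a ".php" upload would be
		// written into photo/ (a directory next to the scripts, presumably web-served) and a
		// quote in the name would break out of the SQL string below. Anything rejected is
		// treated exactly like "no file uploaded". Adjust the list if other image types are needed.
		$allowedImageExt = array('jpg', 'jpeg', 'png', 'gif');
		$storedName      = array();
		$uploadAccepted  = array();
		foreach (array('sf_photo', 'sf_thumbnail') as $uploadField) {
			// Random numeric prefix, as before, to make name clashes unlikely.
			$storedName[$uploadField]     = (string) rand();
			$uploadAccepted[$uploadField] = false;
			if (empty($_FILES[$uploadField]['name']) || !is_string($_FILES[$uploadField]['name'])) {
				continue;
			}
			$nameParts = pathinfo(basename($_FILES[$uploadField]['name']));
			$extension = isset($nameParts['extension']) ? strtolower($nameParts['extension']) : '';
			if (!in_array($extension, $allowedImageExt, true)) {
				continue;
			}
			// Dots in the stem are replaced too, so the stored name has exactly one extension.
			$storedName[$uploadField]    .= preg_replace('/[^A-Za-z0-9_-]/', '_', $nameParts['filename']) . '.' . $extension;
			$uploadAccepted[$uploadField] = true;
		}
		$imageName = $storedName['sf_photo'];
		$thumbNail = $storedName['sf_thumbnail'];

		// NOTE(review): an empty or unparsable date field makes strtotime() return false, which
		// date() formats as 1970-01-01; confirm whether that is the intended stored value.
		$insert = sprintf("INSERT INTO `Sign_Faces` (sf_catalog_item_yesno,
								sf_post_id,
								sf_sign_code,
								sf_classification,
								sf_master_client,
								sf_agency,
								sf_district,
								sf_date_installed,
								sf_date_last_insp,
								sf_date_next_insp,
								sf_replace_date,
								sf_status,
								sf_legend,
								sf_size,
								sf_width,
								sf_height,
								sf_direction1,
								sf_direction2,
								sf_shape,
								sf_backing,
								sf_manufacturer,
								sf_sheeting,
								sf_bgcolor,
								sf_legcolor,
								sf_othercolor,
								sf_bgvalue,
								sf_legvalue,
								sf_othervalue,
								sf_mount_height,
								sf_bracket_type,
								sf_position,
								sf_custom1,
								sf_custom2,
								sf_custom3,
								sf_yesno1,
								sf_yesno2,
								sf_yesno3,
								sf_mang_method,
								sf_assess_method,
								sf_photo,
								sf_thumbnail,
								sf_action_needed,
								sf_comments,
								sf_min_refl,
								sf_sheeting_manuf,
								sf_cost)
						VALUES ('%d','%d','%s','%s','%d','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%d','%d','%d','%s','%s','%s','%s','%s','%s','%d','%d','%d','%s','%s','%s','%s','%s','%s','%d','%s','%s')",
				mysql_real_escape_string($_POST['sf_catalog_item_yesno']),
				mysql_real_escape_string($_POST['sf_post_id']),
				mysql_real_escape_string($_POST['sf_sign_code']),
				mysql_real_escape_string($_POST['sf_classification']),
				mysql_real_escape_string($_POST['sf_master_client']),
				mysql_real_escape_string($_POST['sf_agency']),
				mysql_real_escape_string($_POST['sf_district']),
				mysql_real_escape_string(date('Y-m-d', strtotime($_POST['sf_date_installed']))),
				mysql_real_escape_string(date('Y-m-d', strtotime($_POST['sf_date_last_insp']))),
				mysql_real_escape_string(date('Y-m-d', strtotime($_POST['sf_date_next_insp']))),
				mysql_real_escape_string(date('Y-m-d', strtotime($_POST['sf_replace_date']))),
				mysql_real_escape_string($_POST['sf_status']),
				mysql_real_escape_string($_POST['sf_legend']),
				mysql_real_escape_string($_POST['sf_size']),
				mysql_real_escape_string($_POST['sf_width']),
				mysql_real_escape_string($_POST['sf_height']),
				mysql_real_escape_string($_POST['sf_direction1']),
				mysql_real_escape_string($_POST['sf_direction2']),
				mysql_real_escape_string($_POST['sf_shape']),
				mysql_real_escape_string($_POST['sf_backing']),
				mysql_real_escape_string($_POST['sf_manufacturer']),
				mysql_real_escape_string($_POST['sf_sheeting']),
				mysql_real_escape_string($_POST['sf_bgcolor']),
				mysql_real_escape_string($_POST['sf_legcolor']),
				mysql_real_escape_string($_POST['sf_othercolor']),
				mysql_real_escape_string($_POST['sf_bgvalue']),
				mysql_real_escape_string($_POST['sf_legvalue']),
				mysql_real_escape_string($_POST['sf_othervalue']),
				mysql_real_escape_string($_POST['sf_mount_height']),
				mysql_real_escape_string($_POST['sf_bracket_type']),
				mysql_real_escape_string($_POST['sf_position']),
				mysql_real_escape_string($_POST['sf_custom1']),
				mysql_real_escape_string($_POST['sf_custom2']),
				mysql_real_escape_string($_POST['sf_custom3']),
				// Form fields are named sf_yes_no*, the columns sf_yesno*.
				mysql_real_escape_string($_POST['sf_yes_no1']),
				mysql_real_escape_string($_POST['sf_yes_no2']),
				mysql_real_escape_string($_POST['sf_yes_no3']),
				mysql_real_escape_string($_POST['sf_mang_method']),
				mysql_real_escape_string($_POST['sf_assess_method']),
				// Escaped like every other value, even though the names were sanitised above.
				mysql_real_escape_string($imageName),
				mysql_real_escape_string($thumbNail),
				mysql_real_escape_string($_POST['sf_action_needed']),
				mysql_real_escape_string($_POST['sf_comments']),
				mysql_real_escape_string($_POST['sf_min_refl']),
				mysql_real_escape_string($_POST['sf_sheeting_manuf']),
				mysql_real_escape_string($_POST['sf_cost']));
		// NOTE(review): the result is not checked; if the INSERT fails, mysql_insert_id() yields 0
		// and the steps below still run against id 0.
		mysql_query($insert);

		$signPostId = (int) mysql_insert_id();

		// Log the activity text entered on the form against the new sign face.
		$insertPostActivity = sprintf("INSERT INTO `Sign_Activity` (sa_sf_id,
								sa_datetime,
								sa_activity)
						VALUES ('%d','%s','%s')",
				$signPostId,
				$date,
				mysql_real_escape_string($_POST['sa_activity']));
		mysql_query($insertPostActivity);

		// Only uploads that passed the extension check are moved into photo/.
		if ($uploadAccepted['sf_photo']) {
			move_uploaded_file($_FILES['sf_photo']['tmp_name'], 'photo/' . $imageName);
		}
		if ($uploadAccepted['sf_thumbnail']) {
			move_uploaded_file($_FILES['sf_thumbnail']['tmp_name'], 'photo/' . $thumbNail);
		}

		// A posted temp_thumb value replaces the thumbnail name; it was previously concatenated
		// into the statement unescaped (SQL injection), so it is escaped here.
		if(!empty($_POST['temp_thumb']) && is_string($_POST['temp_thumb'])) {
			$query = sprintf("UPDATE `Sign_Faces` SET `sf_thumbnail` = '%s' WHERE `sf_id` = '%d'",
					mysql_real_escape_string($_POST['temp_thumb']),
					$signPostId);
			mysql_query($query);
		}

		header('Location:signFaceManager.php?id='.$signPostId.'&action=edit&msg=3');exit;
	}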
  
  ////////////////////////////////EDIT ACTIONS//////////////////////////////////////
  
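  elseif(isset($_POST['Edit'])) {
	/*
	 * EDIT: overwrite the Sign_Faces row identified by the posted sf_id, update the activity
	 * text of its Sign_Activity rows, optionally replace the photo and thumbnail, then redirect.
	 *
	 * NOTE(review): nothing visible here checks that the requester may edit this sf_id.
	 */

	// sf_id is formatted with %d in the main statement; the same integer is reused for the
	// photo updates, which previously concatenated the raw POST value into the SQL text.
	$faceId = (isset($_POST['sf_id']) && is_scalar($_POST['sf_id'])) ? (int) $_POST['sf_id'] : 0;

	// NOTE(review): an empty or unparsable date field makes strtotime() return false, which
	// date() formats as 1970-01-01; confirm whether that is the intended stored value.
	$update = sprintf("UPDATE `Sign_Faces`
						SET `sf_catalog_item_yesno` = '%d',
							`sf_post_id` = '%d',
							`sf_sign_code` = '%s',
							`sf_classification` = '%s',
							`sf_master_client` = '%d',
							`sf_agency` = '%s',
							`sf_district` = '%s',
							`sf_date_installed` = '%s',
							`sf_date_last_insp` = '%s',
							`sf_date_next_insp` = '%s',
							`sf_replace_date` = '%s',
							`sf_status` = '%s',
							`sf_legend` = '%s',
							`sf_size` = '%s',
							`sf_width` = '%s',
							`sf_height` = '%s',
							`sf_direction1` = '%s',
							`sf_direction2` = '%s',
							`sf_shape` = '%s',
							`sf_backing` = '%s',
							`sf_manufacturer` = '%s',
							`sf_sheeting` = '%s',
							`sf_bgcolor` = '%s',
							`sf_legcolor` = '%s',
							`sf_othercolor` = '%s',
							`sf_bgvalue` = '%d',
							`sf_legvalue` = '%d',
							`sf_othervalue` = '%d',
							`sf_mount_height` = '%s',
							`sf_bracket_type` = '%s',
							`sf_position` = '%s',
							`sf_custom1` = '%s',
							`sf_custom2` = '%s',
							`sf_custom3` = '%s',
							`sf_yesno1` = '%d',
							`sf_yesno2` = '%d',
							`sf_yesno3` = '%d',
							`sf_mang_method` = '%s',
							`sf_assess_method` = '%s',
							`sf_action_needed` = '%s',
							`sf_comments` = '%s',
							`sf_min_refl` = '%d',
							`sf_sheeting_manuf` = '%s',
							`sf_cost` = '%s'
						WHERE  `sf_id`   = '%d'",
			mysql_real_escape_string($_POST['sf_catalog_item_yesno']),
			mysql_real_escape_string($_POST['sf_post_id']),
			mysql_real_escape_string($_POST['sf_sign_code']),
			mysql_real_escape_string($_POST['sf_classification']),
			mysql_real_escape_string($_POST['sf_master_client']),
			mysql_real_escape_string($_POST['sf_agency']),
			mysql_real_escape_string($_POST['sf_district']),
			mysql_real_escape_string(date("Y-m-d", strtotime($_POST['sf_date_installed']))),
			mysql_real_escape_string(date("Y-m-d", strtotime($_POST['sf_date_last_insp']))),
			mysql_real_escape_string(date("Y-m-d", strtotime($_POST['sf_date_next_insp']))),
			mysql_real_escape_string(date("Y-m-d", strtotime($_POST['sf_replace_date']))),
			mysql_real_escape_string($_POST['sf_status']),
			mysql_real_escape_string($_POST['sf_legend']),
			mysql_real_escape_string($_POST['sf_size']),
			mysql_real_escape_string($_POST['sf_width']),
			mysql_real_escape_string($_POST['sf_height']),
			mysql_real_escape_string($_POST['sf_direction1']),
			mysql_real_escape_string($_POST['sf_direction2']),
			mysql_real_escape_string($_POST['sf_shape']),
			mysql_real_escape_string($_POST['sf_backing']),
			mysql_real_escape_string($_POST['sf_manufacturer']),
			mysql_real_escape_string($_POST['sf_sheeting']),
			mysql_real_escape_string($_POST['sf_bgcolor']),
			mysql_real_escape_string($_POST['sf_legcolor']),
			mysql_real_escape_string($_POST['sf_othercolor']),
			mysql_real_escape_string($_POST['sf_bgvalue']),
			mysql_real_escape_string($_POST['sf_legvalue']),
			mysql_real_escape_string($_POST['sf_othervalue']),
			mysql_real_escape_string($_POST['sf_mount_height']),
			mysql_real_escape_string($_POST['sf_bracket_type']),
			mysql_real_escape_string($_POST['sf_position']),
			mysql_real_escape_string($_POST['sf_custom1']),
			mysql_real_escape_string($_POST['sf_custom2']),
			mysql_real_escape_string($_POST['sf_custom3']),
			// Form fields are named sf_yes_no*, the columns sf_yesno*.
			mysql_real_escape_string($_POST['sf_yes_no1']),
			mysql_real_escape_string($_POST['sf_yes_no2']),
			mysql_real_escape_string($_POST['sf_yes_no3']),
			mysql_real_escape_string($_POST['sf_mang_method']),
			mysql_real_escape_string($_POST['sf_assess_method']),
			mysql_real_escape_string($_POST['sf_action_needed']),
			mysql_real_escape_string($_POST['sf_comments']),
			mysql_real_escape_string($_POST['sf_min_refl']),
			mysql_real_escape_string($_POST['sf_sheeting_manuf']),
			mysql_real_escape_string($_POST['sf_cost']),
			$faceId);
	mysql_query($update);

	// Applies the posted activity text to every Sign_Activity row of this sign face.
	$updatePostActivity = sprintf("UPDATE `Sign_Activity`
						SET    `sa_activity`  = '%s'
						WHERE  `sa_sf_id`   = '%d'",
			mysql_real_escape_string($_POST['sa_activity']),
			$faceId);
	mysql_query($updatePostActivity);

	// The client chooses the upload file name, so it is untrusted. Only image extensions are
	// accepted and the stem is reduced to [A-Za-z0-9_-]; otherwise a ".php" upload would be
	// written into photo/ (a directory next to the scripts, presumably web-served) and a quote
	// in the name would break out of the SQL string. A rejected or missing upload leaves the
	// stored photo unchanged. Adjust the list if other image types are needed.
	$allowedImageExt = array('jpg', 'jpeg', 'png', 'gif');
	foreach (array('sf_photo', 'sf_thumbnail') as $uploadField) {
		// Random numeric prefix, as before, to make name clashes unlikely.
		$randomPrefix = rand();
		if (empty($_FILES[$uploadField]['name']) || !is_string($_FILES[$uploadField]['name'])) {
			continue;
		}
		$nameParts = pathinfo(basename($_FILES[$uploadField]['name']));
		$extension = isset($nameParts['extension']) ? strtolower($nameParts['extension']) : '';
		if (!in_array($extension, $allowedImageExt, true)) {
			continue;
		}
		// Dots in the stem are replaced too, so the stored name has exactly one extension.
		$storedName = $randomPrefix . preg_replace('/[^A-Za-z0-9_-]/', '_', $nameParts['filename']) . '.' . $extension;

		// Point the row at the new file only once the file is really in place.
		if (move_uploaded_file($_FILES[$uploadField]['tmp_name'], 'photo/' . $storedName)) {
			// $uploadField comes from the fixed list above and doubles as the column name.
			$query = sprintf("UPDATE `Sign_Faces` SET `%s` = '%s' WHERE `sf_id` = '%d'",
					$uploadField,
					mysql_real_escape_string($storedName),
					$faceId);
			mysql_query($query);
		}
	}

	// userId is echoed into the redirect target, so it is URL-encoded instead of being
	// concatenated raw.
	$userId = (isset($_POST['userId']) && is_scalar($_POST['userId'])) ? (string) $_POST['userId'] : '';
	header('Location:messageDisp.php?msg=2&action=signFaceMsg&id='.urlencode($userId));exit;
  }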
	
	
  ////////////////////////////CODE TO DELETE/////////////////////////// 	
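  elseif(isset($_REQUEST['action']) && $_REQUEST['action'] === "delete") {
	// DELETE: remove the Sign_Faces row whose sf_id is given in the request, then return to the list.
	//
	// The id was previously concatenated into the statement unescaped (SQL injection). sf_id is
	// formatted as an integer elsewhere in this file, so it is cast to int here.
	//
	// NOTE(review): $_REQUEST also accepts GET, so a plain link can trigger this delete; no
	// authorisation check or CSRF token is visible in this file. Consider requiring POST plus a token.
	$faceId = (isset($_REQUEST['id']) && is_scalar($_REQUEST['id'])) ? (int) $_REQUEST['id'] : 0;
	$deleteQry  = sprintf("DELETE FROM `Sign_Faces` WHERE `sf_id`='%d'", $faceId);
	$qryExe = mysql_query($deleteQry);

	header('location:signPostList.php?msg=del');exit;
  }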
  
    //////////////////////////// CODE TO TOGGLE STATUS //////////////////////////
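  elseif(isset($_REQUEST['action']) && $_REQUEST['action'] === "status") {
	// STATUS: flip operatorStatus of one sign_posts row between '0' and '1' and redirect to the
	// matching message (msg=3 after switching to '1', msg=4 after switching to '0').
	// Any other curStatus value does nothing, as before.
	//
	// The id was previously concatenated into the statement unescaped (SQL injection).
	// operatorId is formatted as an integer elsewhere in this file, so it is cast to int here.
	//
	// NOTE(review): reachable via GET through $_REQUEST, with no authorisation check or CSRF
	// token visible in this file.
	$operatorId = (isset($_REQUEST['id']) && is_scalar($_REQUEST['id'])) ? (int) $_REQUEST['id'] : 0;
	$curStatus  = isset($_REQUEST['curStatus']) ? $_REQUEST['curStatus'] : null;

	if($curStatus === '0' || $curStatus === '1') {
		$newStatus = ($curStatus === '0') ? '1' : '0';
		$msgCode   = ($curStatus === '0') ? 3 : 4;
		$query = sprintf("UPDATE `sign_posts` SET `operatorStatus`= '%s' WHERE `operatorId` = '%d'",
				$newStatus,
				$operatorId);
		$result = mysql_query($query);
		header("Location:messageDisp.php?action=op&msg=".$msgCode);exit;
	}
  }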
  
  /////////////////////////////////////////// RESET PASSWORD //////////////////////////////////////
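  elseif(isset($_POST['changePassword'])) {
	/*
	 * CHANGE PASSWORD: store a new password hash for the posted operatorId.
	 * Redirects with msg=1 when the two entries differ, msg=2 when either is missing,
	 * and msg=6 after the update.
	 *
	 * NOTE(review): neither the current password nor the requester's identity is checked here,
	 * so as written any request that reaches this script can set the password of any operatorId.
	 * Confirm that access is restricted elsewhere.
	 */

	// operatorId is formatted with %d in the statement; the same integer is used in the
	// redirects instead of echoing the raw POST value into the Location header.
	$operatorId      = (isset($_POST['operatorId']) && is_scalar($_POST['operatorId'])) ? (int) $_POST['operatorId'] : 0;
	$newPassword     = isset($_POST['newPassword']) ? $_POST['newPassword'] : '';
	$confirmPassword = isset($_POST['newCPassword']) ? $_POST['newCPassword'] : '';

	// Array-valued fields are rejected: md5() of a non-string would not yield a usable hash.
	if(is_string($newPassword) && is_string($confirmPassword) && !empty($newPassword) && !empty($confirmPassword)) {
		// Strict comparison: with != two different numeric-looking strings such as
		// "1e3" and "1000" compare equal, so a mistyped confirmation could pass.
		if($confirmPassword !== $newPassword) {
			header("Location:signPostManager.php?id=".$operatorId."&msg=1&action=chPass");exit;
		}

		// NOTE(review): unsalted MD5 is not suitable for password storage. Moving to
		// password_hash()/password_verify() requires changing the login check (not in this
		// file) and possibly the column width at the same time, so it is flagged, not changed.
		$encryptNewPassword = md5($confirmPassword);
		$update = sprintf("UPDATE `sign_posts`
						SET    `operatorpassword`  = '%s'
						WHERE  `operatorId`   = '%d'",
				mysql_real_escape_string($encryptNewPassword),
				$operatorId);
		mysql_query($update);
		header('Location:messageDisp.php?action=op&msg=6');exit;
	} else {
		header("Location:signPostManager.php?id=".$operatorId."&msg=2&action=chPass");exit;
	}
  }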
?>
